How to View Maximum Limit of NAT Rules
21221
Created On 09/25/18 19:24 PM - Last Modified 06/13/23 13:39 PM
Resolution
Details
In order to view the max limit for NAT rules on a Palo Alto Networks firewall, issue following CLI command:
> show system state filter cfg.general.max* | match nat-policy
cfg.general.max-di-nat-policy-rule: 125 <--Max number of dynamic IP rules
cfg.general.max-dip-nat-policy-rule: 125 <--Max number of dynamic IP and port rules
cfg.general.max-nat-policy-rule: 125 <--Max number of NAT rules
cfg.general.max-si-nat-policy-rule: 125 <-- Max number of static NAT rules
owner: ashaikh